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INTERNET CO-LOCATION FACILITY SECURITY SYSTEM 



FIELD OF THE INVENTION 

5 

The present invention relates generally to the field of security systems and, more 
particularly, to an Internet co-location facility security system. 

BACKGROUND 

10 The growing use of the Internet by businesses around the globe is creating a need 

for a scalable and secure home for every organization with a mission critical Internet 
component. Various facilities exist to provide Internet Service Providers (ISPs), 
Application Service Providers (ASPs), and content providers with a safe place to house 
their hardware. 

15 In a typical co-location model, member sites are placed in an environment where 

they have access to a network provider, site management and web hosting arrangements, 
and other similar types of services. While co-location models expedite electronic 
transmissions, the clustering of member sites in these facilities makes them vulnerable to 
vandals, thieves, and even terrorist attacks. Because modern e-commerce companies 

20 moving billions of dollars over the Internet can not afford to jeopardize the physical 
security of their equipment, co-location facilities are generally protected by advanced 
security systems. For instance, video cameras record activity in and around the facilities, 
sensors, including motion and sound sensors, detect suspicious or uncharacteristic events, 
and computers located in security control centers monitor access points. These systems 

25 may also include magnetic card readers or similar electromagnetic locking devices 
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granting member users access to certain parts of the facilities or to individually locked 
cages configured for networking and/or server co-location. 

Unfortunately, in the security conscious world of the Internet, the security 
systems of the prior art have many limitations. For one, they do not provide co-located 

5 members with enough control. Although these systems are designed to track everyone in 
a co-location facility at all times, members do not have access to this information. 
Keeping this information private may work in hospitals or jails, for example, but it does 
not provide enough leverage to e-commerce companies whose businesses depend on the 
facility in which their equipment is placed being absolutely free from interruption of 

10 service (power, air conditioning, the interconnections themselves, etc.). In addition, 
under current co-location security systems, members are unable to schedule visitor access 
to the facility through a user interface connected to the World Wide Web. This lack of 
automated access poses an additional security risk because it allows security officers, 
rather than the members themselves, to have too much control regarding visitor access to 

15 co-located member sites in the facility. Moreoever, the security systems of the prior art 
are not completely integrated. Tracking information from all the various components of 
the system is not available on a centralized database accessible by co-located members. 
Finally, visitors to one co-location facility do not have access to other co-location 
facilities owned by the same organization without having to go through a lengthy visitor 

20 enrollment system which is both burdensome and costly in the fast-paced world of e- 
commerce. 

Therefore, there is a need for an Internet exchange security system that is both 
completely integrated and that is also able to be monitored and access controlled by co- 
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located members of the facility. There is also a need for a more efficient co-location 
facility visitor access and enrollment system. 
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SUMMARY OF THE INVENTION 

It is an object of the present invention to provide a security system for an Internet 
co-location facility that integrates all the major components of the system and that makes 
the tracking information from these components available to co-located members on a 

5 master database accessible from the web. It is a further object of the present invention to 
provide a web-based interface that allows co-located members to assign visitor access to 
the Internet co-location facility from remote locations anywhere in the world. It is still a 
further object of the present invention to provide a visitor access and enrollment system 
that allows the visitor to enroll only once on the system to be granted access to one or 

10 more other Internet co-location facilities around the globe. 

According to one aspect of the present invention, there is provided a security 
system to control, monitor, and track security integrity and events within an Internet co- 
location facility. The security system may be installed at the Internet co-location facility 
and linked to a corporate server through a Wide Area Network (WAN). In the preferred 

15 embodiment of the present invention, a co-located member schedules a visit to the 
Internet co-location facility from a computer terminal located at a remote site using a 
web-based Customer Care System (CCS). Contact information, visit information, and the 
like is entered by the co-located member through the web-based interface and is 
transmitted by the CCS via the Internet to a Customer Support and Customer 

20 Relationship Management (CRM) system located on the corporate server that stores and 
manages this information in a database. The CCS also assigns a visit identification 
number for the scheduled visit and transmits this information to the CRM as well. The 
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CRM opens a file in the database which stores the information about the co-located 
member and the nature of the scheduled visit. 

When the visitor arrives at the Internet co-location facility, one of two procedures 
may be followed. If the visitor is already enrolled at the Internet co-location facility, the 

5 visitor may use a biometrics hand reader and input the visitor identification code into a 
key pad or similar type of alphanumeric input device coupled to the biometrics hand 
reader. If the biometrics hand reader verifies that the hand profile and visitor 
identification code match a profile for a visitor enrolled at the Internet co-location 
facility, an access control system connected by a private security network to the front 

10 entrance biometrics hand reader allows the visitor to enter the Internet co-location 
facility. If there is no match, access is denied. 

The use of the front entrance biometrics hand reader also triggers a software 
action in a Customer Security System (referred to as the Equinix Security System (ESS)) 
which includes a central processing unit (CPU) connected by the private security network 

15 to the access control system and to the lobby workstation. The ESS provides the lobby 
workstation (which may be monitored by a security officer) with picture and 
identification information for the visitor, a list of open and scheduled cases associated 
with the visitor, and specific security levels for the visitor. The visitor may then use a 
plurality of biometrics hand readers and input the visitor identification code into the key 

20 pad or similar type of alphanumeric input device coupled to each of the plurality of 
biometrics hand readers to move throughout the Internet co-location facility to an 
appropriate cage where the co-located member's Internet access unit and other equipment 
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may be housed. After the visitor performs work or some other type of function in the 
cage, the visitor returns to the lobby using the plurality of biometrics hand readers. 

If the visitor is not already enrolled at the Internet co-location facility another 
aspect of the present invention allows for a visitor access and enrollment procedure. 

5 According to this aspect of the present invention, visitor identification information (i.e., 
hand profiles for the plurality of biometrics hand readers, photo identification for the 
access control system, and additional identification information) is gathered by an 
enrollment biometrics hand reader and the access control system and is transmitted to the 
plurality of biometrics hand readers, the ESS, and to the CRM database which is located 

10 on the corporate server coupled to the Internet co-location facility through the WAN. 
The visitor identification information may then be transmitted to the ESS and to a 
plurality of biometrics hand readers and access control systems at one or more other 
Internet co-location facilities through the WAN. In this manner, the visitor need only 
enroll once in the Internet co-location facility security system to be granted access to any 

15 other Internet co-location facility around the globe. 

In a further aspect of the present invention, the events of the visit may be 
monitored by co-located members of the Internet co-location facility. The access control 
system tracks the visitor's use of the plurality of biometrics hand readers and transmits 
this information to the ESS. The ESS, in turn, transmits the information to the CRM 

20 which makes the information available in almost real-time to co-located members 
through the CCS web-based interface. In this way, co-located members may monitor the 
visitor's location within the Internet co-location facility at all times. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention is illustrated by way of example, and not limitation, in the 
figures of the accompanying drawings in which like reference numerals refer to similar 
elements and which: 

5 Figure 1 is a functional block diagram illustrating the overall operation of an 

Internet co-location facility security system in accordance with one embodiment of the 
present invention. 

Figure 2 is a functional block diagram illustrating the network detail of the access 
and enrollment components of an Internet co-location facility security system in 
10 accordance with one embodiment of the present invention. 

Figure 3 is a functional block diagram illustrating the design layout of the 
primary access points in an Internet co-location facility security system in accordance 
with one embodiment of the present invention. 

Figure 4 is a sample Visit-in-Progress computer user interface screen that co- 
15 located members may download from a CCS web-based interface component of an 
Internet co-location facility security system in accordance with one embodiment of the 
present invention. 

Figure 5 is a sample Case Assignment computer user interface screen as it 
appears on a lobby workstation of an Internet co-location facility security system in 
20 accordance with one embodiment of the present invention. 

Figure 6 is a sample Visit-in-Progress computer screen that is maintained in a 
database of an Internet co-location facility security system in accordance with one 
embodiment of the present invention. 
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Figure 7 is a sample Start Visit computer user interface screen as it appears on a 
lobby workstation of an Internet co-location facility security system in accordance with 
one embodiment of the present invention. 

Figure 8 is a flow diagram illustrating the process by which a co-located member 
5 may schedule a visit to an Internet co-location facility using an Internet connection to a 
database located on a server of an Internet co-location facility security system in 
accordance with one embodiment of the present invention. 

Figure 9 is a flow diagram illustrating the process by which an enrolled visitor is 
granted access to an Internet co-location facility using a front entrance biometrics reader 
10 of an Internet co-location facility security system in accordance with one embodiment of 
the present invention. 

Figure 9A is a flow diagram illustrating the process by which a visitor may be 
enrolled in an Internet co-location facility security system using an enrollment biometrics 
reader connected to the access control system and to the plurality of biometrics readers in 
15 accordance with one embodiment of the present invention. 
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DETAILED DESCRIPTION 

Throughout the following description specific details are set forth in order to 
provide a more thorough understanding of the invention. However, the invention may be 
practiced without these particulars. In other instances, well known elements have not 

5 been shown or described in detail to avoid unnecessarily obscuring the present invention. 
Accordingly, the specification and drawings are to be regarded in an illustrative, rather 
than a restrictive, sense. 

Referring now to Figure 1, there is shown a functional block diagram illustrating 
the overall operation of an Internet co-location facility security system 100 in accordance 

10 with one embodiment of the present invention. The Internet co-location facility 1 10 itself 
may include a facility comprising a plurality of cabinets located in shared or private cages 
(not shown in this view). Each cabinet is an enclosed frame or cage into which 
equipment may be mounted. The cabinets may be configured in full spaces (for example 
36" deep by 22" wide by 83" tall) and are designed so that co-located members of the 

15 Internet co-location facility 110 may house Internet access units and other types of 
equipment (not shown in this view). A plurality of network providers (not shown in this 
view) may be connected to the co-located member's equipment. It should be noted, 
however, that the Internet co-location facility security system 100 of the present 
invention may be used in numerous types of co-location models and other types of 

20 facilities with high-level security system requirements. 

The Internet co-location facility security system 100 may be installed at the 
Internet co-location facility 110 and linked to a corporate server 125 through a Wide Area 
Network (WAN) 115. In the preferred embodiment of the present invention, a co-located 
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member may use a remote computer terminal 130 to schedule a visit to the co-located 
member's cage within the Internet co-location facility 110. Using a web-based Customer 
Care System (CCS) accessible from the remote computer terminal 130, the co-located 
member may schedule the visit by entering information into the CCS regarding the date, 

5 time, duration, and nature of the visit, etc. See also Figure 8 (processing block 805). The 
visit information is then transmitted via the Internet 135 to a Customer Support and 
Customer Relationship Management System (CRM) 120 located on the corporate server 
125 connected by the WAN 115 to the Internet co-location facility 110 (processing block 
810). The CRM 120 includes a database to store and manage the visit information in a 

10 file particular to the co-located member who scheduled the visit (processing block 815). 
However, it should be noted that while the file that is opened by the CRM 120 is 
particular to the co-located member who scheduled the visit, any visitor who is 
authorized to access the Internet co-location facility 110 by the co-located member and 
by the Internet co-location facility security system 100 may make the scheduled visit. 

15 Every scheduled visit may be referred to as a case in the Internet co-location facility 
security system 100 and appears as a case assignment in the CRM 120 database 
indicating information such as a visit identification number for the visit, expected visitor 
name, co-located member name, date, time, duration, and nature of the visit, etc. The 
CRM 120 transmits the case assignment through the WAN 115 to the Customer Security 

20 System (referred to as the Equinix Security System (ESS)) 170 which includes a central 
processing unit (CPU) to store the case assignment. 

When the visitor arrives at the Internet co-location facility 110 for the scheduled 
visit, one of two procedures may be followed depending upon the visitor's enrollment 
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status at the Internet co-location facility 110. If the visitor is already enrolled at the 
Internet co-location facility 110 (i.e., if the visitor has visited the Internet co-location 
facility 110 or another Internet co-location facility 140, 145, 150, etc., at least once), the 
visitor may use a conventional biometrics hand reader (not shown in this view) controlled 
by software 195 and enter a visitor identification code particular to the visitor into a key 
pad or similar type of alphanumeric input device coupled to the front entrance biometrics 
hand reader. See also Figure 9 (processing block 905). It should be noted that every time 
the visitor uses one of the plurality of biometrics hand readers 190 located in the Internet 
co-location facility 110, the visitor must also enter the visitor identification code into a 
key pad or similar type of alphanumeric input device coupled to each of the plurality of 
biometrics hand readers 190. It should also be noted that although biometrics hand 
readers are used in the preferred embodiment of the present invention, other types of 
conventional personal characteristics scanners may be used as well including 
knuckleprint, fingerprint, and retinal scanners. Other types of electronic locking devices 
may also be used. 

If the front entrance biometrics hand reader verifies that the hand profile and 
visitor identification code match a previously learned code for the visitor in the Internet 
co-location facility 110 security system, an access control system 160 (processing block 
910) including a central processing unit (CPU) and a plurality of intelligent control units 
(not shown in this view) connected to the front entrance biometrics hand reader by a 
private security network 105 (and also to the plurality of other biometrics hand readers 
190 by the private security network 105) allows the visitor to access the Internet co- 
location facility 110. If there is no match, access is denied. In the preferred embodiment 
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of the present invention, a conventional AMAG access control system 160 is used, but 
other types of access control systems may be used as well. 

The access control system 160 is connected by the private security network 105 to 
the ESS 170 (processing block 915). Under the direction of executing software 

5 programs, the ESS 170 receives information regarding the use of the front entrance 
biometrics hand reader from the access control system 160. This information may 
include the visitor identification code, the date and time the visitor used the front entrance 
biometrics reader, the visitor's picture, and the visitor's name. The ESS 170 combines 
the information received from the access control system 160 with the case assignment 

10 information received from the CRM 120 and transmits this information to a browser- 
based (i.e. web-based) interface connected by the private security network 105 to a lobby 
workstation 180 (processing block 920). In this manner, a security officer monitoring the 
lobby workstation 180 may identify which case the visitor is assigned to and authorize 
visitor access to the rest of the Internet co-location facility 110. The ESS 170 will track 

15 the visitor and update the case assignment as the visitor uses the plurality of biometrics 
hand readers 190 throughout the Internet co-location facility 1 10. 

Referring now to Figure 2, there is shown a functional block diagram illustrating 
the network detail of the access and enrollment components of the Internet co-location 
facility security system 200 in accordance with one embodiment of the present invention. 

20 According to this aspect of the present invention, a first time visitor to the Internet co- 
location facility 210 may be enrolled in the Internet co-location facility security system 
200 by the software 220 that controls the biometrics hand readers 215. See also Figure 
9 A. In operation, the visitor's hand may be placed in a measuring platen in an enrollment 
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biometrics hand reader (processing block 925) located in the security room 255 of the 
Internet co-location facility 210. An image of the hand may be recorded using an 
electronic imaging device and stored on a memory chip or storage device in the 
enrollment biometrics hand reader. Comparison means function to match the stored hand 

5 features with the visitor identification code which may be entered into the enrollment 
biometrics hand reader through the key pad or similar type of alphanumeric input device 
coupled to the enrollment biometrics hand reader. A cable 225 transmits this information 
to the plurality of biometrics hand readers 215 located in the Internet co-location facility 
210 (processing block 930). The plurality of biometrics hand readers 215 may also be 

10 connected by the cable 225 to a polling station component 260 of the access control 
system (processing block 940). The polling station 260 transmits activity to a server 270 
which permits or denies access to designated areas in the Internet co-location facility 210 
based on information received from the plurality of biometrics hand readers 215. 

The visitor may also be enrolled on the access control system. Visitor enrollment 

15 information may be entered on a computer terminal component 250 of the access control 
system (processing block 935). This information may include the visitor identification 
code, the visitor's name, co-located member access authorization levels, and the like. A 
CPU contains the software to control the access control system and is connected to the 
computer terminal component 250 of the access control system by the private security 

20 network 265. A badge making system 230 may also be connected to the access control 
system by the private security network 265 and makes a badge for the visitor containing 
the visitor's identification information and access authorization levels transmitted by the 
access control system to the plurality of biometrics hand readers 215 by the private 
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security network 265. The computer terminal component 250 of the access control 
system prints out a badge for the visitor based on information received from the badge 
making system 230 through the private security network 265. The badge making system 
may also contain a camera system 235 to take a picture of the visitor to store in the badge 

5 making system 230 for future use. It should be noted that a second camera system 280 
connected to server 270 by connection 275 monitors activity throughout the Internet co- 
location facility 210. However, second camera system 280 is not actually a part of the 
Internet co-location facility 210 enrollment procedure. 

In the embodiment of the present invention represented by Figure 2, the server 

10 270 also contains the software to control the ESS (processing block 950). The visitor's 
hand profile from the enrollment biometrics hand reader and the enrollment information 
from the access control system is downloaded to the ESS. The ESS transmits this 
information through the WAN 285 to the CRM 290. The WAN 285 may allow the CRM 
290 to transmit the information from the ESS to one or more CRM's and access control 

15 systems and to a plurality of biometrics hand readers in one or more other Internet co- 
location facilities (shown in this view). In this manner, the visitor need only enroll once 
in the Internet co-location facility security system 200 (or in another initial visit Internet 
co-location facility security system) to be granted access to any other Internet co-location 
facility throughout the world. 

20 Moreover, once the visitor is enrolled in the Internet co-location facility security 

system 200, the ESS may combine visitor information received from the access control 
system through the private security network 265 with case assignment information 
received from the CRM 290 through the WAN 285 and transmit the combined 
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information to a browser-based interface connected by the private security network 265 
to a lobby workstation 240. As is discussed in the description of Figure 1, in this manner 
a security officer monitoring the lobby workstation 240 may identify which case a visitor 
is assigned to and authorize the visitor with access to the rest of the Internet co-location 
5 facility 210. 

Referring now to Figure 3, there is shown a functional block diagram illustrating 
the primary access points in the Internet co-location facility security system 300 in 
accordance with one embodiment of the present invention. Once the visitor is granted 
access to the Internet co-location facility 310 and, if necessary, enrolled in the Internet 

10 co-location facility 310 security system, the security officer may activate a user interface 
function by, for example, selecting a button appearing on the lobby workstation (not 
shown in this view) that says "Start Visit." At this point, the visitor may use a second 
biometrics hand reader 320 and enter the visitor identification code into the key pad or 
similar type of alphanumeric input device coupled to the second biometrics hand reader 

15 320. If the second biometrics hand reader 320 verifies that the visitor's hand profile 
matches the visitor identification code, the access control system (not shown in this view) 
permits the visitor to enter the tunnel 325 area of the Internet co-location facility 310. If 
the second biometrics hand reader 320 does not find a match for the visitor's hand profile 
and the visitor identification code, an alarm may be set off in the Internet co-location 

20 facility 310 and remedial action will be taken. 

If there is a match, the visitor may use the third, fourth, and fifth biometrics hand 
readers 330, 340, and 350, respectively, located at designated access points in the Internet 
co-location facility 310. A match on these biometrics hand readers allows the visitor to 
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enter the customer area 345, the co-location area 355, and the cage 350 where the visitor 
is scheduled to make a visit to one or more cabinets 370, 380, 390, etc. It should be 
noted, however, that although the visitor uses a total of five biometrics hand readers (four 
biometrics hand readers 320, 330, 340, and 350 located in the facility and a front entrance 

5 biometrics hand reader 305 ) in the embodiment of the present invention represented by 
Figure 3, any number of biometrics hand readers may be used in the Internet co-location 
facility 310 security system. 

As the visitor uses the plurality of biometrics hand readers 320, 330, 340, and 
350, the access control system (not shown in this view) tracks the visitor's progress 

10 throughout the Internet co-location facility 310, storing the visitor identification code, the 
visit identification number, and the date and time the visitor used any one of the plurality 
of biometrics hand readers 320, 330, 340, and 350. In addition, the ESS (not shown in 
this view) may download the tracking information stored in the access control system and 
transmit this information through the WAN to the CRM (not shown in this view). The 

15 CRM may make this information available through the Internet in almost real-time to co- 
located members using the CCS web-based interface (not shown in this view). In this 
manner, co-located members may monitor the location of the visitor in the Internet co- 
location facility 310 at any given point in time. 

Referring now to Figure 4, there is shown a sample Visit-in-Progress computer 

20 user interface screen 400 that co-located members may view from the CCS web-based 
interface in accordance with one embodiment of the present invention. The information 
appears in columns 420 and 430 on the screen 410. The visit identification number 440, 
the visitor's first name 450, and the date and time 460 the visitor entered a particular 
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designated area in the Internet co-location facility appears in the left hand column 420, 
and the visitor's last name 470 and the visitor identification code 480 appears in the right 
hand column 430. This information is updated in almost real-time whenever the visitor 
uses one of the plurality of biometrics hand readers located in the Internet co-location 
5 facility. 

Referring now to Figure 5, there is shown a sample Case Assignment computer 
user interface screen 500 as it appears on the Internet co-location facility lobby 
workstation in accordance with one embodiment of the present invention. The visitor 
identification code, the visitor's name, the company (co-located member), and the access 

10 authorization level appears in columns at the top of the screen. The visit identification 
number, the company (co-located member), the reason for the visit, the name of the 
person who scheduled the visit, and the date and time of the visit appear in columns 
below the visitor information. The visitor may indicate to a security officer monitoring 
the lobby workstation the visit identification number assigned to the visitor for a 

15 particular case. 

Referring now to Figure 6, there is shown a sample Visit-in-Progress computer 
screen 600 that is maintained in a database of an Internet co-location facility security 
system in accordance with one embodiment of the present invention. The visitor 
identification code 610, the visit identification number 620, the visitor's first name 630, 
20 middle initial 640, and last name 650, and the company 660 (co-located member) appear 
in columns on the screen. As is illustrated by the Visit-in-Progress screen 600, more than 
one visitor may be assigned to a particular case. In addition, the Visit-in-Progress screen 
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600 demonstrates that the system matches the visitor identification code 610 with the 
visit identification number 620. 

Referring now to Figure 7, there is shown a sample Start Visit computer user 
interface screen 700 as it appears on the lobby workstation in accordance with one 

5 embodiment of the present invention. A security officer monitoring the lobby 
workstation may click on a "Start Visit" box 710 on the screen with a mouse or some 
other type of control device to authorize the visitor to access the remainder of the Internet 
co-location facility. The visitor may then use the plurality of biometrics hand readers to 
access designated areas within the Internet co-location facility. When the visitor 

10 completes the scheduled visit and returns to the lobby, a screen with an "End Visit" box 
(not shown in this view) will appear on the lobby workstation. The security officer may 
click on the "End Visit" box to end the visit. It should be noted, however, that if more 
than one visitor is assigned for the scheduled visit, a case assignment will remain open 
and still appear on the lobby workstation as a visit-in-progress for one or more other 

15 visitors assigned to the case. 

Thus, an Internet co-location facility security system has been described. 
Although the foregoing description and accompanying figures discuss and illustrate 
specific embodiments, it should be appreciated that the present invention is to be 
measured only in terms of the claims that follow. 

20 
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CLAIMS 

What is claimed is: 

1 1 . An Internet co-location facility security system, comprising: 

2 a plurality of biometrics readers; 

3 an access control system coupled to the plurality of biometrics readers; 

4 a computer including a central software program connected to the access control 

5 system, the central software program configured to monitor the use of the plurality of 

6 biometrics readers; 

7 a server including a database connected to the central software program, the 

8 database configured to receive information from the central software program regarding 

9 the use of the plurality of biometrics readers and to transmit this information to co- 
10 located members through the Internet; and 



1 1 a web-based interface configured to allow co-located members to schedule visits 

12 to the facility through the Internet to the database on the server. 

1 2. The Internet co-location facility security system of Claim 1 further including an 

2 input device coupled to each of the plurality of biometrics readers for entry of a visitor 

3 identification code of a visitor, a match between the visitor identification code and the 

4 visitor's personal identification characteristics triggering the access control system to 

5 allow the visitor to gain access to designated areas in the facility. 

1 3. The Internet co-location facility security system of Claim 2 wherein the access 

2 control system further includes a transmitter for transmitting the information regarding 

3 the use of the plurality of biometrics readers to the central software program, the 
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4 information regarding the use of the plurality of biometrics readers including the visitor 

5 identification code and the date and time the visitor used one or more of the plurality of 

6 biometrics readers. 

1 4. The Internet co-location facility security system of Claim 1 wherein information 

2 regarding the scheduled visits transmitted by the co-located members through the Internet 

3 to the database on the server includes the date, time, expected duration of a scheduled 

4 visit, and a visit identification number for the scheduled visit. 

1 5. The Internet co-location facility security system of Claim 1 wherein the server 

2 further includes a transmitter for transmitting information regarding the scheduled visits 

3 to the central software program through a network. 

1 6. The Internet co-location facility security system of Claim 1 further including a 

2 front entrance biometrics reader for initial access to the facility, the use of the front 

3 entrance biometrics reader triggering the central software program to transmit 

4 information regarding the use of the front entrance biometrics reader to a lobby 

5 workstation. 

1 7. The Internet co-location facility security system of Claim 1 further including a 

2 user interface for triggering the central software program to combine a visitor 

3 identification code with a visit identification number for the scheduled visit. 

1 8. The Internet co-location facility security system of Claim 7 wherein the user 

2 interface authorizes a visitor to progress through the remainder of the facility using the 

3 plurality of biometrics readers. 
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1 9. The Internet co-location facility security system of Claim 1 wherein information 

2 regarding the use of the plurality of biometrics readers is transmitted by the central 

3 software program through the network to the database on the server, the information 

4 including a visitor identification code, a visit identification number for the scheduled 

5 visit, and the date and time a visitor used any one of the plurality of biometrics readers. 

1 10. The Internet co-location facility security system of Claim 9 wherein the co- 

2 located members may access the information in the database regarding a visitor's use of 

3 the plurality of biometrics readers by using the web-based interface accessible from one 

4 or more remote computer terminals connected to the Internet. 

1 11. An Internet co-location facility security system, comprising: 

2 an enrollment biometrics reader; 

3 an access control system coupled the enrollment biometrics reader and to a 

4 plurality of other biometrics readers; 

5 a computer including a central software program connected to the access control 

6 system, the central software program configured to monitor the use of the plurality of 

7 other biometrics readers; 

8 a server including a database connected to the central software program, the 

9 database configured to receive information from the central software program regarding 

10 the use of the plurality of biometrics readers and to transmit this information to co- 

1 1 located members through the Internet; and 

12 a web-based interface configured to allow co-located members to schedule visits 

13 to the facility through the Internet to the database on the server. 
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1 12. The Internet co-location facility security system of Claim 1 1 further including an 

2 imaging device to record an image of a personal characteristic of a visitor not previously 

3 enrolled in the security system, the image of the personal characteristic stored on a 

4 storage device in the enrollment biometrics reader. 

1 13. The Internet co-location facility security system of Claim 12 further including an 

2 input device coupled to the enrollment biometrics reader for matching a stored image of 

3 the visitor's personal characteristic with a visitor identification code entered into the 

4 enrollment biometrics reader through the input device. 

1 14. The Internet co-location facility security system of Claim 13 wherein the 

2 enrollment biometrics reader transmits a stored image matched with a visitor 

3 identification code to the plurality of other biometrics readers located in the facility 

4 through a private security network. 

1 15. The Internet co-location facility security system of Claim 1 1 wherein a visitor 

2 may be enrolled in the access control system by entering the visitor information into an 

3 input device coupled to the access control system. 

1 16. The Internet co-location facility security system of Claim 1 1 wherein a stored 

2 image matched with a visitor identification code from the enrollment biometrics reader 

3 and identification information from the access control system is download by the central 

4 software program, the central software program transmitting the information through the 

5 Internet to the database on the server. 
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1 17. The Internet co-location facility security system of Claim 16 wherein the database 

2 transmits the information from the central software program through a network to a 

3 database on a server in one or more other facilities. 

1 18. The Internet co-location facility security system of Claim 17 wherein the database 

2 transmits the information through the network to an access control system and through a 

3 private security network to a plurality of biometrics readers in one or more other 

4 facilities, the information transmitted by the database automatically enrolling the visitor 

5 on the access control system and the plurality of biometrics readers in the one or more 

6 other facilities. 

1 19. The Internet co-location facility security system of Claim 18 wherein the visitor 

2 uses the plurality of other biometrics readers to gain access to designated areas in the 

3 facility, the information regarding the use of the plurality of other biometrics readers 

4 including the visitor identification code, a visit identification number, and the date and 

5 time the visitor used one or more of the plurality of other biometrics readers. 

1 20. An Internet co-location facility security system, comprising: 

2 a plurality of biometrics readers; 

3 an access control system coupled to the plurality of biometrics readers; 

4 a computer including a central software program connected to the access control 

5 system, the central software program configured to monitor the use of the plurality of 

6 biometrics readers; and 
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7 a server including a database connected to the central software program, the 

8 database configured to receive information from the central software program regarding 

9 the use of the plurality of biometrics readers and to transmit this information to co- 
10 located members through the Internet; 

1 21 . The Internet co-location facility security system of Claim 20 further including a 

2 web-based interface configured to allow co-located members to schedule visits to the 

3 facility through the Internet to the database on the server. 

1 22. The Internet co-location facility security system of Claim 20 wherein the server 

2 further includes a transmitter for transmitting information regarding the scheduled visits 

3 to the central software program through a network, the information including a visit 

4 identification number. 

1 23. The Internet co-location facility security system of Claim 20 further including an 

2 input device coupled to each of the plurality of biometrics readers for entry of a visitor 

3 identification code of a visitor, a match between the visitor identification code and the 

4 visitor's personal identification characteristics triggering the access control system to 

5 allow the visitor to gain access to designated areas in the facility. 

1 24. The Internet co-location facility security system of Claim 20 wherein the access 

2 control system further includes a transmitter for transmitting the information regarding 

3 the use of the plurality of biometrics readers to the central software program, the 

4 information regarding the use of the plurality of biometrics readers including a visitor 

5 identification code and the date and time the visitor used one or more of the plurality of 

6 biometrics readers. 
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1 25. The Internet co-location facility security system of Claim 20 wherein the central 

2 software program combines a visit identification number with the information regarding 

3 the use of the plurality of biometrics readers from the access control system, the 

4 combined information transmitted to the database on the server where it is accessible to 

5 co-located members from one or more remote computer terminals connected to the 

6 Internet. 

1 26. An Internet co-location facility security system, comprising 

2 a plurality of biometrics readers ; 

3 an access control system coupled to the plurality of biometrics readers; 

4 a computer including a central software program connected to the access control 

5 system, the central software program configured to monitor the use of the plurality of 

6 biometrics readers; and 

7 a web-based interface configured to allow co-located members to schedule visits 

8 to the facility through the Internet to the database on the server. 

1 27. The Internet co-location facility security system of Claim 26 further including a 

2 server including a database connected to the central software program, the database 

3 configured to receive information from the central software program regarding the use of 

4 the plurality of biometrics readers and to transmit this information to co-located members 

5 through a network. 

1 28. The Internet co-location facility security system of Claim 26 further including an 

2 input device coupled to each of the plurality of biometrics readers for entry of a visitor 

3 identification code of a visitor, a match between the visitor identification code and the 



Application 



26 



004609 .P002 



4 visitor's personal identification characteristics triggering the access control system to 

5 allow the visitor to gain access to designated areas in the facility. 

1 29. The Internet co-location facility security system of Claim 26 wherein the access 

2 control system further includes a transmitter for transmitting the information regarding 

3 the use of the plurality of biometrics readers to the central software program, the 

4 information regarding the use of the plurality of biometrics readers including a visitor 

5 identification code and the date and time the visitor used one or more of the plurality of 

6 the biometrics readers. 

1 30. The Internet co-location facility security system of Claim 26 wherein the central 

2 software program combines a visit identification number with the information regarding 

3 the use of the plurality of biometrics readers from the access control system, the 

4 combined information transmitted to the database on the server where it is accessible to 

5 co-located members from one or more remote computer terminals connected to the 

6 Internet. 
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ABSTRACT 

An Internet co-location facility security system integrates all the major 
components of the system and makes tracking information from these components 
available to co-located members on a database accessible from the web. A web-based 
interface allows co-located members to assign visitor access to the Internet co-location 
facility through the Internet from remote computer terminals. A visitor access and 
enrollment system allows a visitor to enroll only once in the system to be granted access 
to one or more other Internet co-location facility security systems around the globe. 
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William E. Alford, Reg. No. 37,764; Farzad E. Amini, Reg. No. P42,261 ; Aloysius T. C. AuYeung, Reg. No. 
35,432; William Thomas Babbitt, Reg. No. 39,591 ; Carol F. Barry, Reg. No. 41 ,600; Jordan Michael 
Becker, Reg. No. 39,602; Lisa N. Benado, Reg. No. 39,995; Bradley J. Bereznak, Reg. No. 33,474; 
Michael A. Bernadicou, Reg. No. 35,934; Roger W. Blakely, Jr., Reg. No. 25,831 ; R. Alan Burnett, Reg. 
No. 46,149; Gregory D. Caldwell, Reg. No. 39,926; Andrew C. Chen, Reg. No. 43,544; Thomas M. 
Coester, Reg. No. 39,637; Donna Jo Coningsby, Reg. No. 41,684; Florin Corie, Reg. No. 46,244; Dennis 
M. deGuzman, Reg. No. 41,702; Stephen M. De Klerk, Reg. No. P46,503; Michael Anthony DeSanctis, 
Reg. No. 39,957; Daniel M. De Vos, Reg. No. 37,813; Robert Andrew Diehl, Reg. No. 40,992; Sanjeet 
Dutta, Reg. No. P46,145; Matthew C. Fagan, Reg. No. 37,542; Tarek N. Fahmi, Reg. No. 41,402; George 
Fountain, Reg. No. 37,374; Paramita Ghosh, Reg. No. 42,806; James Y. Go, Reg. No. 40,621; James A. 
Henry, Reg. No. 41,064; Libby N. Ho, Reg. No. P46,774; Willmore F. Holbrow III, Reg. No. P41,845; 
Sheryl Sue Holloway, Reg. No. 37,850; George W Hoover II, Reg. No. 32,992; Eric S. Hyman, Reg. No. 
30,139; William W. Kidd, Reg. No. 31,772; Sang Hui Kim, Reg. No. 40,450; Walter T. Kim, Reg. No. 
42,731; Eric T. King, Reg. No. 44,188; Erica W. Kuo, Reg. No. 42,775; George Brian Leavell, Reg. No. 
45,436; Kurt P. Leyendecker, Reg. No. 42,799; Gordon R. Lindeen III, Reg. No. 33,192; Jan Carol Little, 
Reg. No. 41 ,181 ; Joseph Lutz, Reg. No. 43,765; Michael J. Mallie, Reg. No. 36,591 ; Andre L. Marais, 
under 37 C.F.R. § 10.9(b); Paul A. Mendonsa, Reg. No. 42,879; Clive D. Menezes, Reg. No. 45,493; 
Chun M. Ng, Reg. No. 36,878; Thien T. Nguyen, Reg. No. 43,835; Thinh V. Nguyen, Reg. No. 42,034; 
Dennis A. Nicholls, Reg. No. 42,036; Daniel E. Ovanezian, Reg. No. 41,236; Kenneth B. Paley, Reg. No. 
38,989; Marina Portnova, Reg. No. P45,750; William F. Ryann, Reg. 44,313; James H. Salter, Reg. No. 
35,668; William W. Schaal, Reg. No. 39,018; James C. Scheller, Reg. No. 31,195; Jeffrey Sam Smith, 
Reg. No. 39,377; Maria McCormack Sobrino, Reg. No. 31 ,639; Stanley W. Sokoloff, Reg. No. 25,128; 
Judith A. Szepesi, Reg. No. 39,393; Vincent P. Tassinari, Reg. No. 42,179; Edwin H. Taylor, Reg. No. 
25,129; John F. Travis, Reg. No. 43,203; Joseph A. Twarowski, Reg. No. 42,191 ; Tom Van Zandt, Reg. 
No. 43,219; Lester J. Vincent, Reg. No. 31,460; Glenn E. Von Tersch, Reg. No. 41,364; John 
Patrick Ward, Reg. No. 40,216; Mark L. Watson, Reg. No. P46,322; Thomas C. Webster, Reg. No. 
P46,154; Steven D. Yates, Reg. No. 42,242; and Norman Zafman, Reg. No. 26,250; my patent attorneys, 
and Firasat Ali, Reg. No. 45,715; and Justin M. Dillon, Reg. No. 42,486; my patent agents, of BLAKELY, 
SOKOLOFF, TAYLOR & ZAFMAN LLP, with offices located at 12400 Wilshire Boulevard, 7th Floor, 
Los Angeles, California 90025, telephone (310) 207-3800, and James R. Thein, Reg. No. 31,710, my 
patent attorney with full power of substitution and revocation, to prosecute this application and to transact 
all business in the Patent and Trademark Office connected herewith. 
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Title 37, Code of Federal Regulations, Section 1 ,56 
Duty to Disclose Information Material to Patentability 

(a) A patent by its very nature is affected with a public interest. The public interest is best served, 
and the most effective patent examination occurs when, at the time an application is being examined, the 
Office is aware of and evaluates the teachings of all information material to patentability. Each individual 
associated with the filing and prosecution of a patent application has a duty of candor and good faith in 
dealing with the Office, which includes a duty to disclose to the Office all information known to that individual 
to be material to patentability as defined in this section. The duty to disclosure information exists with respect 
to each pending claim until the claim is cancelled or withdrawn from consideration, or the application becomes 
abandoned. Information material to the patentability of a claim that is cancelled or withdrawn from 
consideration need not be submitted if the information is not material to the patentability of any claim 
remaining under consideration in the application. There is no duty to submit information which is not material 
to the patentability of any existing claim. The duty to disclosure all information known to be material to 
patentability is deemed to be satisfied if all information known to be material to patentability of any claim 
issued in a patent was cited by the Office or submitted to the Office in the manner prescribed by §§1 .97(b)-(d) 
and 1 .98. However, no patent will be granted on an application in connection with which fraud on the Office 
was practiced or attempted or the duty of disclosure was violated through bad faith or intentional misconduct. 
The Office encourages applicants to carefully examine: 

(1) Prior art cited in search reports of a foreign patent office in a counterpart application, and 

(2) The closest information over which individuals associated with the filing or prosecution of a 
patent application believe any pending claim patentably defines, to make sure that any material information 
contained therein is disclosed to the Office. 

(b) Under this section, information is material to patentability when it is not cumulative to 
information already of record or being made or record in the application, and 

(1) It establishes, by itself or in combination with other information, a prima facie case of 
unpatentability of a claim; or 

(2) It refutes, or is inconsistent with, a position the applicant takes in: 

(i) Opposing an argument of unpatentability relied on by the Office, or 

(ii) Asserting an argument of patentability. 

A prima facie case of unpatentability is established when the information compels a conclusion that a claim is 
unpatentable under the preponderance of evidence, burden-of-proof standard, giving each term in the claim 
its broadest reasonable construction consistent with the specification, and before any consideration is given to 
evidence which may be submitted in an attempt to establish a contrary conclusion of patentability. 

(c) Individuals associated with the filing or prosecution of a patent application within the 
meaning of this section are: 

(1) Each inventor named in the application; 

(2) Each attorney or agent who prepares or prosecutes the application; and 

(3) Every other person who is substantively involved in the preparation or prosecution of the 
application and who is associated with the inventor, with the assignee or with anyone to whom there is an 
obligation to assign the application. 

(d) Individuals other than the attorney, agent or inventor may comply with this section by 
disclosing information to the attorney, agent, or inventor. 
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